moai-baas-convex-ext

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-generated content from public rooms (see the getRoomActivity handler which queries the "messages" table for room.isPublic) and processes client-supplied document operations/content (e.g., applyEdit, updateDocument), exposing the agent to untrusted third-party input that could carry indirect prompt-injection payloads.